CVE-2022-41333

Summary

An uncontrolled resource consumption vulnerability [CWE-400] in FortiRecorder version 6.4.3 and below, 6.0.11 and below login authentication mechanism may allow an unauthenticated attacker to make the device unavailable via crafted GET requests.

Affected Software

VendorProductVersion RangeStatus
FortinetFortiRecorder6.4.0 <= 6.4.3affected
FortinetFortiRecorder6.0.0 <= 6.0.11affected

Weaknesses

  • CWE-400: Denial of service

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References